Third party audits and certifications are considered a suitable solution to providing assurance and trust regarding a cloud service provider’s approach to security and privacy. They are also a credible way to show compliance to standards and regulations. Unfortunately, though, the number of existing national, international and sectorial standards, laws and regulations has drastically increased in the last few years, leading to increased complexity of the area of compliance. As a consequence, the process of adhering to different standards, laws and regulations for CSPs is not efficient, with a lot of duplicated work that unduly increases costs and complexity.
The EU-SEC project has worked on addressing these issues by, for instance, identifying the common denominators between widely known standards (e.g., ISO27001/02/17/18, SOC2, CSA STAR Certification and Attestation, BSI C5, ANSSI SecNumCloud and other national or sectorial schemes) and presenting them under a well-defined and comprehensive framework, namely the EU-SEC’s “Multi-Party Recognition Framework”. In order to share the EU-SEC project vision and results, we are inviting cloud stakeholders, e.g. CSPs, cloud customers, auditors, consultants and policy makers to join our workshop and tutorial.
The workshop will give you an insight into the functionality of the framework, its tools and requirements comparison methodology, as well as the benefits offered to the cloud certification community and market.
The workshop is free of charge and registration is available at https://www.sec-cert.eu/eu-sec/ws_bln9.